Be advised we will be setting this incident to resolved. As a reminder, Volusion will never email merchants to address SSL/TLS certificate errors, or request they click on a link to login to address an error. Please report suspicous email to security@volusion.com, and our Security team will investigate.
Posted Jan 19, 2021 - 13:49 CST
Identified
Several merchants have reported receiving emails regarding errors with their SSL/TLS certificate and are being asked to log into their Volusion Store Control Panel to resolve the issue.
These emails have been identified as phishing emails. Volusion's SSL certificate process is an automated process and merchants will never receive emails from Volusion requesting clicking on a link, or logging into to you're Volusion Store Control Panel. Do not click on any links in the email, or login with your credentials to the site directed by the email.
Current reported emails have included different subjects e.g. "Critical Security Error - domain.com" or "TLS Error on domain.com" or "domain.com - Security Error" but all have similar content and a "Start the update process" link that points to a Russian domain certificate-domainsystem.com.
Volusion will never email merchants to address SSL/TLS certificate errors, or request they click on a link to login to address an error.